As digitisation of payments accelerates across India, digital financial crimes are also rising, prompting an urgent need for improved security measures to counter escalating fraud risks. At Business Standard’s banking, financial services, and insurance (BFSI) Summit, industry experts from IDfy, Kaleidofin, HDFC Bank, GooglePay, and Zeta shared insights on the complexity of financial crime in the digital age. They emphasised that securing the payments ecosystem requires robust know-your-customer (KYC) protocols, advanced fraud detection technology, and ongoing consumer education. The experts highlighted that as the financial ecosystem evolves, so do the tactics of fraudsters, necessitating a multi-faceted approach to safeguard the finance sector.
Digitisation, a double-edged sword
Ashok Hariharan from IDfy, an integrated identity platform that helps enterprises eliminate fraud using tech-powered solutions, noted that the risk of fraud escalates with increased digitisation. "When digitisation increases, fraud increases. Incidences of fraud have risen significantly—almost a 100 per cent increase from last year. KYC should not be too easy; it is meant to add 'happy friction' to control fraud," he said.
He pointed out that fraudsters often have access to vast user data and are highly skilled in data science. Hariharan underscored the importance of user education and platform accountability, adding that more than one-time passwords (OTPs) are required as people can be socially engineered to reveal their PINs.
A broad range of fraud tactics
Natasha Jethanandani from Kaleidofin, a firm that supports banks, non-banking financial companies (NBFCs), and other financial institutions in offering doorstep lending, discussed the widespread fraud across the credit lifecycle—from phishing and ghost accounts to fake loan apps that harm credit scores and deplete savings.
More From This Section
"The more measures you put in place to curb digital fraud, the more fraudsters innovate to trick the system. Fraud spans the entire credit lifecycle," she said.
The cost of security
Sivaram Kowta from Zeta, a banking software company, highlighted the challenge of securing financial systems in a rapidly evolving digital landscape. "We are both excited and extremely concerned about security in the digital space," he said.
Kowta added that OTPs and other digital payment features are vulnerable to phishing. "Compromising a password can compromise your entire financial security," he noted.
Tech limitations in fraud detection
Ramesh Laxminarayan of HDFC Bank described digital financial fraud as a disturbing trend, noting that the past 9-12 months have been particularly challenging for the banking industry. "The numbers have not been revealed, but fraud is omnipresent," he said.
He explained that traditional rule-based systems struggle with real-time fraud detection, making artificial intelligence and machine learning (AI/ML) essential. "Legacy technology limits real-time fraud prevention," he said.
Laxminarayan also identified mule accounts—bank accounts used by scammers—as a significant challenge, explaining that HDFC works with various partners to address this issue. "Today, 15-22 per cent of banks' capital expenditures go towards security, up from less than 5 per cent five years ago," he added.
User vulnerability on UPI platforms
Karan Sapra from GooglePay highlighted the unique features of UPI (Unified Payments Interface) and its vulnerabilities. "UPI is secure but can be misused," he said, pointing out that users can be manipulated into sharing PINs. "If you share your PIN, it’s not a bug; it’s a feature allowing immediate transfers."
Sapra stressed that fintech platforms must protect their most vulnerable users. "As India’s digital adoption grows, more segments of society are included. The latest entrants are often the most vulnerable. Our progress depends on ensuring not just digital adoption but the safety and security of the entire ecosystem," he said.